1. Field
The disclosure relates generally to computer network security and more specifically to identifying malicious servers within malicious Web infrastructures based on visibility of network servers and topology of network traffic redirection chains of network servers.
2. Description of the Related Art
Malicious Web activities are a major threat to the safety of online Web users and their computers. These malicious Web activities are orchestrated through malicious Web infrastructures, which enable cyber criminals to conduct their criminal activities on the Web and utilize other cyber criminals' resources within the malicious Web infrastructures. Such malicious Web infrastructures are the backbone of these criminal activities in today's cyberspace, delivering malicious content, such as malicious software, globally and causing hundreds of millions of dollars in damage every year. Malicious software, or malware for short, is any software used to disrupt computer operations, gather sensitive information stored on computers, or gain access to private computer systems and networks, for example. Malware is an umbrella term referring to a variety of hostile or intrusive software, such as, for example, computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other malicious programs.